package com.assembly.oauth2.config;


import com.assembly.oauth2.mobile.MobileAuthenticationConfig;
import com.assembly.oauth2.mobile.MobileValidateFilter;
import com.assembly.oauth2.wechat.WeChatAuthenticationConfig;
import com.assembly.oauth2.wechat.WeChatValidateFilter;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

/**
 * 安全配置类
 */
@Configuration
@EnableWebSecurity
@Slf4j
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private AuthenticationSuccessHandler authenticationSuccessHandler;

    @Autowired
    private AuthenticationFailureHandler authenticationFailureHandler;
    // 校验手机号是否存在，就是手机号认证
    @Autowired
    private MobileAuthenticationConfig mobileAuthenticationConfig;
    /***
     * 微信
     */
    @Autowired
    private WeChatAuthenticationConfig weChatAuthenticationConfig;

    @Autowired
    private  UserDetailsService customUserDetailsService;

    @Autowired
    private LogoutSuccessHandler logoutSuccessHandler;
    /***
     * 认证管理器
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        log.info("=============进入认证管理器===================");
        // 指定使用自定义查询用户信息来完成身份认证
        auth.userDetailsService(customUserDetailsService);
     //   auth.inMemoryAuthentication().withUser("admin").password(passwordEncoder.encode("12345")).authorities("user:add");
      //  super.configure(auth);
    }

//
    @Bean // 使用 password模块时需要此bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
///校验手机验证码
    @Autowired
     private MobileValidateFilter mobileValidateFilter;
   @Autowired
     private WeChatValidateFilter weChatValidateFilter;
    /**
     * 系统资源权限配置：
     * 1.被拦截的资源
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.addFilterBefore(mobileValidateFilter, UsernamePasswordAuthenticationFilter.class)
             .addFilterBefore(weChatValidateFilter, UsernamePasswordAuthenticationFilter.class)
            .formLogin()
                    .loginProcessingUrl("/login/user")
                    .successHandler(authenticationSuccessHandler)
                    .failureHandler(authenticationFailureHandler)
                    .and()
                    .authorizeRequests()
                    .antMatchers("/login/**").permitAll()
                    .anyRequest().authenticated().and()
                .logout()
                .logoutSuccessHandler(logoutSuccessHandler).
                and()
                .csrf().disable();
        //将手机认证添加到过滤器链上
         http.apply(mobileAuthenticationConfig);
         http.apply(weChatAuthenticationConfig);


    }

}
